Full title: OrbiTeam BSCW Server XSS / LFI / User Enumeration Vulnerabilities 
Category: web applications
Platform: cgi
OrbiTeam BSCW Server versions 5.0.x, 5.1.x, 5.2.4 and below, 7.3.x and below, and 7.4.3 and below suffer from path traversal, cross site scripting, HTTP header, session object manipulation, local file inclusion, and user enumeration vulnerabilities.

# 0day.today @ http://0day.today/